Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft
File:                     2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft (raw, json)
Hash identifier:          xzvlCfawrwJxl+vJ8VuUcfMX/Nszzy7h1hc1iQxoNfs=
Subject key identifier:   43:E9:F6:14:F1:B1:2F:AA:2A:C4:BF:E4:30:62:AF:73:33:4D:7B:7F
Authority key identifier: D9:B2:28:11:DF:86:12:3D:71:AF:5B:99:8A:21:0C:23:EB:1D:5E:FA
Certificate issuer:       /CN=d9b22811df86123d71af5b998a210c23eb1d5efa
Certificate serial:       0198D6603AC317DE9024842B15BBA85882A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2bIoEd-GEj1xr1uZiiEMI-sdXvo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft
Manifest number:          0F87
Signing time:             Sat 23 Aug 2025 10:01:27 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:27 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:27 +0000
Files and hashes:         1: 2bIoEd-GEj1xr1uZiiEMI-sdXvo.crl (hash: 2wYlbxC2E6PW4tB88KBYXRO1Vtn0DjpfFtjXygzCgTU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2bIoEd-GEj1xr1uZiiEMI-sdXvo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:3a:c3:17:de:90:24:84:2b:15:bb:a8:58:82:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9b22811df86123d71af5b998a210c23eb1d5efa
        Validity
            Not Before: Aug 23 10:01:27 2025 GMT
            Not After : Aug 24 10:01:27 2025 GMT
        Subject: CN=43e9f614f1b12faa2ac4bfe43062af73334d7b7f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:08:a6:a3:fa:ba:0c:a1:64:09:63:81:d9:91:
                    33:52:4b:98:77:a5:36:8f:3b:b8:44:d7:56:77:45:
                    20:7e:af:77:d5:2b:0f:fd:78:10:6a:41:43:a9:01:
                    70:a6:80:90:93:d3:6b:c7:8c:41:99:51:41:16:74:
                    15:14:38:3b:82:24:e1:f5:a8:7a:60:b1:65:82:bc:
                    a4:fd:e4:67:b9:71:a8:58:bd:04:2f:de:ef:82:71:
                    ce:9f:4f:1f:91:38:c5:82:09:d0:f2:93:9e:e9:99:
                    38:ae:a9:1d:ee:a0:9c:4e:81:c4:f9:73:f0:e1:fd:
                    a7:56:68:8a:16:c0:7d:78:e4:ad:aa:9e:af:08:4f:
                    7c:f2:7e:84:1d:28:78:f0:54:88:8b:03:9d:1f:43:
                    3a:5a:16:f9:96:66:05:48:0b:ed:f0:5d:85:26:e8:
                    8b:7c:18:55:04:1c:e3:01:1d:11:2a:0a:04:a1:00:
                    8c:46:cf:b1:46:23:6f:c3:c3:00:60:e8:93:ca:42:
                    66:98:f5:b8:76:66:67:89:c9:97:c8:d2:49:5f:d9:
                    cf:a9:cc:62:22:fd:51:8d:3f:9b:ab:b9:43:14:c9:
                    e3:01:cb:f6:af:a7:22:e8:9e:af:9d:bd:f0:8a:f7:
                    cf:47:fa:6f:6c:e2:43:ef:90:2a:be:31:ae:9e:00:
                    93:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:E9:F6:14:F1:B1:2F:AA:2A:C4:BF:E4:30:62:AF:73:33:4D:7B:7F
            X509v3 Authority Key Identifier:
                keyid:D9:B2:28:11:DF:86:12:3D:71:AF:5B:99:8A:21:0C:23:EB:1D:5E:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2bIoEd-GEj1xr1uZiiEMI-sdXvo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:fb:69:e0:b7:55:a0:8f:7a:81:65:1a:dd:26:fc:a9:47:ac:
         47:e3:3d:03:8b:19:99:67:e0:59:c1:e4:f9:0d:7f:91:35:5a:
         5d:91:cb:72:85:4f:57:40:44:d9:85:7d:34:10:24:e4:49:9c:
         9f:37:9c:41:89:87:fc:d1:34:a2:e2:15:6a:ad:1a:04:81:d6:
         86:f2:65:4c:3b:40:7c:68:d5:47:65:14:23:1d:05:72:5b:7c:
         74:56:9b:39:4b:59:c5:93:33:61:c9:b7:63:81:f3:30:fb:b7:
         5d:f3:23:fc:e5:b9:04:5c:05:c2:4e:92:8f:81:7d:89:ee:88:
         9f:81:09:fa:10:df:43:51:1a:e9:0f:31:03:ee:38:ef:b3:ed:
         d8:84:76:73:f0:52:f1:d9:7a:2a:a0:6a:80:79:ad:7f:30:2d:
         ed:99:40:ba:38:d0:39:38:78:20:6e:c2:9e:ca:1f:1b:11:f1:
         76:a8:fa:29:2e:9e:dd:85:06:7f:b4:55:65:74:6e:f6:db:85:
         50:5c:87:db:92:4c:3d:e7:61:06:fa:7f:f5:c7:2c:7b:75:8f:
         ba:28:42:7b:86:32:b5:71:bb:2b:f3:16:c8:a3:aa:fd:05:92:
         07:41:22:c2:7e:71:2c:09:97:02:21:dc:fe:04:9d:50:9e:01:
         df:a8:44:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYDrDF96QJIQrFbuoWIKpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YjIyODExZGY4NjEyM2Q3MWFmNWI5OThhMjEwYzIzZWIx
ZDVlZmEwHhcNMjUwODIzMTAwMTI3WhcNMjUwODI0MTAwMTI3WjAzMTEwLwYDVQQD
Eyg0M2U5ZjYxNGYxYjEyZmFhMmFjNGJmZTQzMDYyYWY3MzMzNGQ3YjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQimo/q6DKFkCWOB2ZEzUkuYd6U2
jzu4RNdWd0Ugfq931SsP/XgQakFDqQFwpoCQk9Nrx4xBmVFBFnQVFDg7giTh9ah6
YLFlgryk/eRnuXGoWL0EL97vgnHOn08fkTjFggnQ8pOe6Zk4rqkd7qCcToHE+XPw
4f2nVmiKFsB9eOStqp6vCE988n6EHSh48FSIiwOdH0M6Whb5lmYFSAvt8F2FJuiL
fBhVBBzjAR0RKgoEoQCMRs+xRiNvw8MAYOiTykJmmPW4dmZnicmXyNJJX9nPqcxi
Iv1RjT+bq7lDFMnjAcv2r6ci6J6vnb3wivfPR/pvbOJD75AqvjGungCT2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEPp9hTxsS+qKsS/5DBir3MzTXt/MB8GA1UdIwQY
MBaAFNmyKBHfhhI9ca9bmYohDCPrHV76MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmJJb0VkLUdFajF4cjF1WmlpRU1JLXNkWHZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8zZjBjMjktZjExMi00ZDBhLWJjMjQt
NjZjZDU1ZmVlM2Y5LzEvMmJJb0VkLUdFajF4cjF1WmlpRU1JLXNkWHZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC8zZjBjMjktZjExMi00ZDBhLWJjMjQtNjZjZDU1ZmVlM2Y5
LzEvMmJJb0VkLUdFajF4cjF1WmlpRU1JLXNkWHZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAePtp4LdV
oI96gWUa3Sb8qUesR+M9A4sZmWfgWcHk+Q1/kTVaXZHLcoVPV0BE2YV9NBAk5Emc
nzecQYmH/NE0ouIVaq0aBIHWhvJlTDtAfGjVR2UUIx0Fclt8dFabOUtZxZMzYcm3
Y4HzMPu3XfMj/OW5BFwFwk6Sj4F9ie6In4EJ+hDfQ1Ea6Q8xA+4477Pt2IR2c/BS
8dl6KqBqgHmtfzAt7ZlAujjQOTh4IG7CnsofGxHxdqj6KS6e3YUGf7RVZXRu9tuF
UFyH25JMPedhBvp/9ccse3WPuihCe4YytXG7K/MWyKOq/QWSB0Eiwn5xLAmXAiHc
/gSdUJ4B36hEqg==
-----END CERTIFICATE-----